Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
reported that ntp daemons such as that released with Debian GNU/Linux are
vulnerable to a buffer overflow that can lead to a remote root exploit. A
previous advisory (DSA-045-1) partially addressed this issue, but introduced a
potential denial of service attack. This has been corrected for Debian 2.2
(potato) in ntp version 4.0.99g-2potato2.